7.5

CVE-2022-27227

EPSS 0.11%
Veröffentlicht 25.03.2022 15:15:07
Zuletzt bearbeitet 21.11.2024 06:55:27
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Powerdns ≫ Authoritative Server Version < 4.4.3

Powerdns ≫ Authoritative Server Version >= 4.5.0 < 4.5.4

Powerdns ≫ Authoritative Server Version >= 4.6.0 < 4.6.1

Powerdns ≫ Recursor Version < 4.4.8

Powerdns ≫ Recursor Version >= 4.5.0 < 4.5.8

Powerdns ≫ Recursor Version >= 4.6.0 < 4.6.1

Fedoraproject ≫ Fedora Version34

Fedoraproject ≫ Fedora Version35

Fedoraproject ≫ Fedora Version36

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.299

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

https://doc.powerdns.com/authoritative/security-advisories/index.html

Vendor Advisory

http://www.openwall.com/lists/oss-security/2022/03/25/1

Patch

Third Party Advisory

Mailing List

https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html

Vendor Advisory

https://docs.powerdns.com/recursor/security-advisories/index.html

Vendor Advisory

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.html

Vendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/

https://nvd.nist.gov/vuln/detail/CVE-2022-27227

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-27227

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-27227

EUVD